CAPSLOCK 

Started off the day with a sick dayhome provider (luckily one set of grandparents were able to take the kids today) and then an internet outage first thing this morning at work.

WHAT ELSE DO YOU HAVE FOR ME THURSDAY?

Follow

re: CAPSLOCK 

Well, there's my answer. Someone spoofing one of our email addresses and convincing someone else to send money transfers to a random @yahoo.com email address.

Now to wait for the message trace report from Exchange Online to prove they didn't actually originate from us.

re: CAPSLOCK 

@Jetengineweasel I guess not. Seems they run their own on-prem servers. And looking through the thread I can easily spot which emails weren't from us. And I have the proof in the Message trace report.

I don't have the originals with headers that they received to see where the mail originated from but I know it's not here since outbound SMTP is also blocked on our network.

But as a precaution I've replaced the local user's workstation and they've changed their password.

re: CAPSLOCK 

@devrandom next year im looking at blocking inbound messages witho it an spf record, and tagging anything without a hardfail with an ugly subject line tag. That kind of thing really helps on the defender side

Sign in to participate in the conversation
hackers.town

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.